Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
A disruption to the online services of Moscow’s subway service has sparked suspicions of a Ukrainian revenge cyber attack following the country’s national train operator suffering a cyber attack.
In a statement on 31 March 2025, the Russian Centre for Monitoring and Control of the Public Communication Network (CMU SSOP) said it had received a large number of reports of issues with its application and website.
“On March 31, starting at 06:00, the Public Communication Network Monitoring and Control Center (PCNCNC) recorded a surge in requests about problems with the Moscow Metro application,” said CMU SSOP.
“As of 12:00, the problem with the application’s availability persists. Specialists are working to resolve the issue.”
Despite efforts to fix the issue, the next day, DownDetector.su showed that users still struggled with the subway’s online services, with the Moscow Metro app not working.
The incident closely follows a suspected Russian cyber attack on Ukraine’s national train service, Ukrzaliznytsia, which confirmed it suffered a cyber attack that affected digital services and prevented many from buying train tickets.
The cyber attack was suspected to have been Russian, resulting in suspicion that the Moscow Metro cyber attack may have been a revenge attack from Ukraine.
Additionally, as reported by CyberNews, the Moscow subway website was defaced and displayed a banner message that was previously on the Ukrzaliznytsia website.
In the aftermath of the attack it suffered last week, Ukrzaliznytsia said that while ticket sales were impacted, leading to long queues at stations as passengers attempted to purchase physical tickets, Ukrzaliznytsia confirmed that train schedules and transport operations remained unaffected.
“The enemy failed to do the key thing: train traffic is stable, they run clearly, without delays, and all operational processes of the movement are set up in a backup format,” added Ukrzaliznytsia.
“The railway continues to move despite physical attacks on the infrastructure, and even the most vile cyber attacks cannot stop it.”
The agency added that the lack of major impact was thanks to its preparation following previous attacks.
“Since Ukrzaliznytsia has previously become the object of enemy cyber attacks, the company has implemented backup protocols.
“The latest attack was very systemic, non-trivial, and multi-level. Therefore, before a full recovery from ‘backups’, UZ specialists, involved partners, the Cyber Department of the Security Service of Ukraine and the Government Computer Emergency Response Team (CERT-UA), operating under the State Service for Special Communications, must thoroughly test the services for possible vulnerabilities,” it said.
Be the first to hear the latest developments in the cyber industry.
